13 matches found
Astra Linux – Vulnerability in Firefox
When a user has already allowed a website to access the microphone and camera, disabling camera sharing does not completely prevent the website from re-enabling them without an additional prompt. This is only possible if the website continues to record with the microphone until the camera is...
firefox: Clipboard write permission bypass
The Mozilla Foundation's Security Advisory: An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events...
firefox: Clipboard write permission bypass
The Mozilla Foundation's Security Advisory: An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events...
CVE-2024-8900
The Mozilla Foundation's Security Advisory: An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events...
CVE-2024-8900
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox 129...
CVE-2024-23203
The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5. A shortcut may be able to use sensitive data with certain actions without prompting the user...
libreoffice: Remote documents loaded without prompt via IFrame
A vulnerability was found in LibreOffice. Improper access control in the editor components of The Document Foundation in LibreOffice allows an attacker to craft a document that causes external links to load without a prompt. In the affected versions of LibreOffice documents that used "floating...
SUSE CVE-2006-2198
OpenOffice.org aka StarOffice 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user...
Mozilla: Fullscreen notification bypass via windowName
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks...
Mozilla: Fullscreen notification bypass via windowName
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks...
Mozilla: Fullscreen notification bypass
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popup and window.print calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks...
Mozilla: Fullscreen notification bypass via windowName
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks...
Security feature bypass
There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthenticated attacker could perform specific operations to exploit this vulnerability. Due to insufficient security design, successful exploit could allow an attacker to add users to be friends without prompting in the target device...